The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.
Browsers are powerful computer applications that may request and execute instructions received from a web server to generate and present complex user interfaces to a user through one or more devices, such as a monitor or speakers. In response to input from a user, such as a mouse click indicating that the user selected an object defined in the instructions, such as a link, a browser may send a request based on the selected object to the web server. The request may be a request for data or include data for the web server to process.
Attackers may use software, often referred to as a “bot”, which imitates a browser by receiving instructions from a web server and generating requests based on those instructions. For example, a bot may receive a web page, gather data in one or more objects defined in the web page, and generate a request for another web page to gather additional data, as if a user using a browser was requesting a new web page. Also for example, a bot may generate and send a request with data assigned to one or more parameters to simulate a user submitting data to a web server through a browser.
Attackers may use bots to commit many types of unauthorized acts, crimes or computer fraud, such as content scraping, ratings manipulation, fake account creation, reserving rival goods attacks, ballot stuffing attacks, password snooping, web site scraping attacks, vulnerability assessments, and stack fingerprinting attacks. As a specific example, a malicious user may cause a bot to traverse through pages of a web site and collect private or proprietary data, such as who is connected with whom on a particular social networking web site.
One way that a web server administrator may protect a server computer from attacks is to have the server computer modify a web page each time a client computer requests the web page. For each instance of the modified web page, the server computer may generate and store a set of mappings that map one or more values in the instance of modified web page to the original values in the web page. In response to a request based on an instance of the modified web page, the server computer may retrieve the set of mappings for that particular instance of the modified web page, generate a new request based on the received the request and the retrieved set of mappings, and send the new request to a server to be processed. A server that serves millions or even billions of modified instances of a web page may require a massive amount of storage to save the mappings that would be generated. Such a system may require too much memory for this to be a viable solution.
Additionally or alternatively, a web server administrator may protect a server computer from attacks by having the server computer add instructions that implement one or more countermeasures from a set of countermeasures. The one or more countermeasures may require additional processing or change the way a browser processes or executes the instructions in the web page. Accordingly, for each instance of the modified web page, the server computer may add different instructions that implement different countermeasures, each of which may change the way a web page process or executes the instance of the web page. However, adding instructions that implement one or more countermeasures may break the functionality of a web page or introduce one or more errors. To debug one or more particular countermeasures, or errors introduced into a particular instance of the web page, the server may save each instance of the web page so that a developer can review the instructions for each instance of the web page. A server that serves millions or even billions of modified instances of a web page may require a massive amount of storage to save a copy of each instance of the web page. Such a system may require too much memory for this to be a viable solution.